Tag Archives: BitGlass

Bad Rabbit is a ransomware system that has been tearing apart parts of Eastern Europe since Tuesday, including three Russian websites, an airport in Ukraine and an underground railway in the capital city, Kiev. It’s methods are quite similar to the Petya and WannaCry disasters from earlier this year, but as of now has not caused quite as much damage. But while the outbreak has not yet racked up as much damage as its predecessors, many experts are warning it’s practically anyone’s guess as to how far the malware could actually spread.

Security experts have been pushing the same ideas as with previous ransomware attacks regarding the need for enterprise users to better secure their networks. Bitglass CEO Rich Campagna told SiliconANGLE: “The danger in new ransomware variants is the potential for spread to vulnerable devices. Where endpoints are not yet updated to detect these zero-day attacks, cloud app threat protection can serve as an organization’s first line of defense. As ransomware evolves and becomes more potent, the ability to identify malware in the cloud based on the characteristics of a file as opposed to hash or signature-based scans can prove critical.”

VP of Product and Design at Balbix Manoj Asnani commented on the situation, claiming that organizations seeking a defense against attacks such as Bad Rabbit, must maintain “instant visibility” of which systems and assets are vulnerable to third party access or attack. He elaborates; “Security teams must have automated systems in place that can continuously monitor these type of attack vectors and provide vital information instantly when needed. Organizations without automation in place are at a huge defensive disadvantage against fast-spreading malware like this.”

Gain some good insights from this piece? Check out some of our other content here.

A recent security flaw in WPA2, the security protocol for most modern WiFi systems, could allow an attacker to steal sensitive data including emails, credit card numbers and passwords. The exploit was found and announced by researchers at Belgian university KU Leuven reported Monday.

Depending on the network configuration, the flaw also could allow an attacker to inject or manipulate information in the system — for example, inject ransomware or other malware into websites being used.

Fundamental flaws that impact all Web users like KRACK are “incredibly rare” but not unprecedented, said Rich Campagna, CEO of Bitglass. The Heartbleed vulnerability, which surfaced in 2014, is another example of a flaw that had widespread impact across the spectrum, he told TechNewsWorld.

He elaborated in the SiliconAngle: “This vulnerability speaks to the importance of ensuring that all connections from endpoints leverage strong encryption, such as the latest versions of Transport Layer Security,” he said. “Intermediary proxies can ensure that regardless of what the application supports, all connections from end-user devices leverage strong encryption.”

Gaurav Banga, CEO of Balbix, also discussed the attack exploiting the WPA2 flaw would require an adversary to be close to the target: “Remember that many public networks are wide open anyway, and enterprises expect TLS (HTTPS) and VPNs to provide the real protection, even if WiFi is open wide,” he told TechNewsWorld. “Perhaps this is why the vulnerability disclosure was not taken very seriously until this week.”

Bitglass is a total data protection company, a global cloud access security broker (CASB), and agentless mobile security company based in Silicon Valley.

Balbix produces a predictive breach risk platform to leverage predictive analytics and AI to provide enterprises with a comprehensive and continuous risk and resilience calculation.

Headquartered in Campbell, California, BitGlass is a cloud security firm whose products enable the ultimate encompassing of contextual control of data access. From any device, even unmanaged devices where agents can’t be deployed, enterprises can wipe data from lost, stolen, or deprovisioned devices. Users can detect and block potentially threatening user behaviors, such as a hacker (or even a rogue privileged user) login in from new devices or locations. CEO Rich Campagna was senior director of product management at F5 Networks responsible for access security prior to joining Bitglass, where he began as SVP Products and Marketing before assuming the position of CEO.

The self proclaimed White Hat Hacking group OurMine is back in the news and this time it has targeted Vevo and released nearly 3.12TB of its internal data online. According to analysis, some of the documents released online are of sensitive nature.

Rich Campagna, CEO of 10Fold client Bitglass has commented on situations likes this before, saying that: “Acquiring credentials to access sensitive data is increasingly easy and incredibly lucrative for today’s hackers. The ease with which credentials can be compromised starts with risky behavior among users. Many end-users, for example, have a habit of recycling passwords across corporate and personal accounts, including personal social media, banking, and corporate email. This practice poses a risk to all data accessible to that user.”

Incompetence, failures, and general shady behavior in responding to its massive data breach from Equifax has confirmed that attackers entered its system in mid-May through a web-application vulnerability that had a patch available in March. In other words, the credit-reporting giant had more than two months to take precautions that would have defended the personal data of 143 million people from being exposed. It didn’t.

Researchers at Kromtech Security Center have discovered the personal details of over half a million US voters exposed to the public internet, once again thanks to a misconfigured database. It was a CouchDB database of 593,328 Alaskan voter records including names, addresses, dates of birth, voting preferences, household income and much more. The data in question is part of Voterbase; a larger trove of info on 191 million voters and 58m unregistered US voters managed by a TargetSmart.

10Fold Content Newsletter

Popular Post

Our Client – AppDynamics

Get in Touch with 10Fold!

With offices based in San Francisco, the California Bay Area and Southern California, 10Fold Communications is conveniently located in the epicenter of technology innovation.

About

10Fold Communications is a high-tech integrated marketing and public relations agency. We leverage our specialized skills and our well-established media and analyst relations to provide you with far-reaching perspectives, insights and results. We’re dedicated to your success and we have the know-how to make it happen..